CVE-2021-36781

Published: Jan 14, 2022Modified: Nov 21, 2024

4.4

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Exploitability: 1.8 / Impact: 2.5

Source: NVD

Description

A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows local attackers to imitate the service leading to DoS or clients talking to an imposter service. This issue affects: openSUSE Factory parsec versions prior to 0.8.1-1.1.

Affected (1)

Products: Opensuse: Factory

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Opensuse Factory	Before 0.8.1-1.1

Related CWEs

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (2)

https://bugzilla.suse.com/show_bug.cgi?id=1193484

Source: meissner@suse.de

ExploitIssue TrackingPatchThird Party Advisory

https://bugzilla.suse.com/show_bug.cgi?id=1193484

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingPatchThird Party Advisory

Timeline

No history available yet.